package com.prabhat.webapp.realm;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * 
 * @author prabhat.k
 * @date 10-Oct-2012
 * @description This is an extension to shiro's AuthorizingRealm to authorize users through JPA
 * 
 */

public class JPAAuthorizingRealm extends AuthorizingRealm {
/*
	@Autowired
	AdminUserDAO adminUserDAO;
	
	@Autowired
	UserGroupDAO groupDAO;
	
	@Autowired
	RoleDAO roleDAO;
	
	@Autowired
	PermissionDAO permissionDAO;
*/	
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//null usernames are invalid
        if (principals == null) {
            throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
        }

/*        String username = (String) getAvailablePrincipal(principals);

        Set<String> roleNames = new HashSet<String>();
        Set<String> permissions = new HashSet<String>();

        List<String> groups =  getGroupNamesForUser(username);
        
        List<String> roles = getRoleNamesForGroups(groups);
        
        List<String> permissionsList = getPermissionsForRoles(roles);
        
        roleNames.addAll(roles);
        permissions.addAll(permissionsList);
        
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
*/      SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(new HashSet<String>());
        info.setStringPermissions(new HashSet<String>());
        return info;	
		
	}

	
	private List<String> getPermissionsForRoles(List<String> roles) {
		List<String> permissions = new ArrayList<String>();
		for(String role : roles) {
			permissions.addAll(getPermissionsForRole(role));
		}
		return permissions;
	}


	private Collection<? extends String> getPermissionsForRole(String role) {
		//return permissionDAO.findByRoleName(role);
		return new HashSet<String>();
	}


	private List<String> getRoleNamesForGroups(List<String> groups) {
		List<String> roles = new ArrayList<String>();
		for(String group : groups) {
			roles.addAll(getRoleNamesForGroup(group));
		}
		return roles;
	}

	private List<String> getRoleNamesForGroup(String group) {
		// TODO Auto-generated method stub
		//return roleDAO.findByGroupName(group);
		return new ArrayList<String>();
	}

	private List<String> getGroupNamesForUser(String username) {
		// TODO Auto-generated method stub
		//return groupDAO.findByAdminUserName(username);
		return new ArrayList<String>();
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		// TODO Auto-generated method stub
		return null;
	}

}
